I have a laptop, and today i turn it on and it said due to security changes, Pin has been reset, and set a new pin, for this, outlook email password and phone number last 4 digit are required, I put up the same. then otp comes, But otp is not coming and without that i wont be able to signin into laptop, [Note for forget password, otp is coming, but even after forget password set pin is asking for otp]
(I tried logging out the email from phone, but it is also asking otp, which is not coming)
is there a way, I can log into my laptop?

Update: marking this as solved. I don't know what caused the lock out - I'm 100% certain I only entered my password once. "Resolution" if it counts: I'm thankful I had the DSfinder app installed on my ipad through which I was able to see "IP Blocking" settings and managed to unblock the IP address of my PC. Had forgotten I had installed it on that device. Don't think it contributed to the issue as again, device is WiFI only and never open the Synology app. Just massively relieved!
Hi All,
Would appreciate some help here. I'm really confused what's going on.
Background
I last logged into my DSM 2 days ago on my PC. Just tried to log in right now and something odd happened, I'm used to signing in by entering my password followed by 2FA code even though it's my personal device. This time on attempting to sign on to my admin account, after entering my username I received a message to validate my log in using the Synology Secure SignIn app instead of entering a password. I do not have the app. I tried another non-admin account, still the same message. Upon attempting to log in with a password, instead I receive a message saying too many failed attempts have been made to log in and the IP address has been blocked. To be clear, I had not made any prior attempts from my personal device (it was sleeping until about 5 minutes before I attempted to log in). Although I couldn't access my DSM account, I was still able to access my mapped network drives. I tried to restart my PC and tried to log in again, but same result, and this time no luck with accessing mapped network drives either.
Edit to add: I never log into my NAS through any other devices besides this PC in my home network.
Existing Security
My NAS is exposed to the internet only via Plex. It is port forwarded so not the standard 32400 and behind a double nat. Plex has a secure password and also has 2FA.
I have firewall rules set up so only can be accessed in my country of origin UK, and after 3 or 5 wrong attempts I believe it blocks the IP. Prior to this I've never had any attempts made on my NAS.
I have my original admin account disabled, and the new one is super obscure. My password is beyond what is reflected here: https://caltechsites-prod.s3.amazonaws.com/imss/images/2023_Password_Table_Square.original.jpg
In addition, I haven't logged into my authenticator app on this device.
Oddities
One of the drives I have is dedicated to media. I'm still able to access this through Plex. I run Plex through docker and I am still able to access this through my NAS IP address.
Edit to add: I have DLNA enabled on my NAS, I'm able to access media through this as well (including through my PC).
I have another laptop that was also sleeping. I've just switched it on, it is still connected to my mapped network drives and I can access the majority of them (different limited access credentials), but none of the content is blocked by any means. I never attempt to log into DSM through this laptop. Only the initial mapping of the drives.
I've not received any emails notifying that I've been hacked/my content has been locked until I pay
Synology assistant isn't having luck finding the Synology NAS on the network at all either.
Maybe related
I've requested a speed upgrade from my internet provider. They've sent me a new router and asked me to plug it in within 5 days. I've not done this yet and was actually logging into my DSM account to double check all my settings prior to switching out.
If you're still reading, thanks so much!
At this point I'm clueless if it's something malicious or not. I'm going to run Malwarebytes overnight on my PC. Is there a chance that a change at my ISP side could result in the above?
I'm thinking worst case scenario I've been hacked, but let's say I have a keylogger on my machine, is it possible for them to break into my NAS based on my passwords alone? My 2FA is always from my personal phone and I don't log into that on my PC. Really not sure how else they could have gotten access, and again, no emails or anything, nothing has been zipped.
Would appreciate your help / suggestions on what I can do here please!
Thanks!

im using next js and next auth for user management. i have a custom API that I want to hit for authentication, so I'm using the next auth credentials provider and supplying a custom authorize method. personally id rather authenticate outside of the next auth package and just pass my user object to the authorize method, but all the example show the authorize being used to capture the form data and process the request. i was able to get this working on my local machine, but when I push to vercel, its telling me in like 7 different ways that my incoming object is not assignable or are incompatible. do i need to define my form data? the example from nextjs doesn't have any shape in the incoming parameter Next JS Course - Adding Authentication
I tried setting a define around credentials but it complained about that as well.
i think either my incoming formdata needs to match the auth packages defined incoming parameters or i need to better define my incoming parameters to match something its expecting?? or maybe it doesn't like the data my response is using, the access tokenand refresh token?
please see authorize(credentials) line
auth.ts - next auth config

import NextAuth from 'next-auth'; import { authConfig } from './auth.config'; import Credentials from 'next-auth/providers/credentials'; import { jwtDecode } from 'jwt-decode'; import axios from './app/lib/axios'; const api_endpoint = process.env.NEXT_PUBLIC_TKDR_API; // // import { Creds } from '@/app/lib/definitions'; export const { handlers, auth, signIn, signOut } = NextAuth({ ...authConfig, providers: [ Credentials({ async authorize(credentials) { try { console.log('credentials', credentials); const { email, password } = credentials; console.log('sending data', { email, password }); // const res = await fetch(`${api_endpoint}/auth/entry/`, { // method: 'POST', // headers: { // 'Content-Type': 'application/json', // // 'Content-Type': 'application/x-www-form-urlencoded', // }, // body: JSON.stringify({ // mode: 'signin', // email: email, // password: password, // }), // }); const res = await axios.post(`${api_endpoint}/auth/entry/`, { mode: 'signin', email: email, password: password, }); // console.log(res); if (res.status === 200) { // const jsonres = await res.json(); // console.log(jsonres); const user = jwtDecode(res.data.accessToken); console.log('user', user); return { ...user, accessToken: res.data.accessToken, refreshToken: res.data.refreshToken, }; } return null; } catch (error) { console.log('auth error', error); return null; // Handle authentication error // throw new Error('Authentication failed again ', error); } }, }), ], }); 

original attempt to define incoming creds

export type Creds = { email: string; password: string; callbackUrl: string; }; 

error lines from vercel

[17:46:48.581] ./auth.ts:13:13 [17:46:48.581] Type error: Type '(credentials: Partial>) => Promise<{ accessToken: any; refreshToken: any; iss?: string undefined; sub?: string undefined; aud?: string string[] undefined; exp?: number undefined; nbf?: number undefined; iat?: number undefined; jti?: string undefined; } null>' is not assignable to type '(credentials: Partial>, request: Request) => Awaitable'. [17:46:48.582] Type 'Promise<{ accessToken: any; refreshToken: any; iss?: string undefined; sub?: string undefined; aud?: string string[] undefined; exp?: number undefined; nbf?: number undefined; iat?: number undefined; jti?: string undefined; } null>' is not assignable to type 'Awaitable'. [17:46:48.583] Type 'Promise<{ accessToken: any; refreshToken: any; iss?: string undefined; sub?: string undefined; aud?: string string[] undefined; exp?: number undefined; nbf?: number undefined; iat?: number undefined; jti?: string undefined; } null>' is not assignable to type 'PromiseLike'. [17:46:48.583] Types of property 'then' are incompatible. [17:46:48.583] Type '(onfulfilled?: ((value: { ...; } null) => TR...' is not assignable to type '(onfulfilled?: ((value: User null) => TResult1 PromiseLike) null undefined, onrejected?: ((reason: any) => TResult2 PromiseLike<...>) null undefined) => PromiseLike<...>'. [17:46:48.584] Types of parameters 'onfulfilled' and 'onfulfilled' are incompatible. [17:46:48.584] Types of parameters 'value' and 'value' are incompatible. [17:46:48.584] Type '{ accessToken: any; refreshToken: any; iss?: string undefined; sub?: string undefined; aud?: string string[] undefined; exp?: number undefined; nbf?: number undefined; iat?: number undefined; jti?: string undefined; } null' is not assignable to type 'User null'. [17:46:48.584] Type '{ accessToken: any; refreshToken: any; iss?: string undefined; sub?: string undefined; aud?: string string[] undefined; exp?: number undefined; nbf?: number undefined; iat?: number undefined; jti?: string undefined; }' has no properties in common with type 'User'. [17:46:48.584] [17:46:48.584] [0m [90m 11 [39m providers[33m:[39m [[0m [17:46:48.584] [0m [90m 12 [39m [33mCredentials[39m({[0m [17:46:48.584] [0m[31m[1m>[22m[39m[90m 13 [39m [36masync[39m authorize(credentials) {[0m [17:46:48.584] [0m [90m [39m [31m[1m^[22m[39m[0m [17:46:48.584] [0m [90m 14 [39m [36mtry[39m {[0m [17:46:48.584] [0m [90m 15 [39m console[33m.[39mlog([32m'credentials'[39m[33m,[39m credentials)[33m;[39m[0m [17:46:48.585] [0m [90m 16 [39m [36mconst[39m { email[33m,[39m password } [33m=[39m credentials[33m;[39m[0m [17:46:48.669] Error: Command "npm run build" exited with 1 

Understanding Firebase Authentication Challenges

Integrating Firebase Authentication into Node.js applications offers a streamlined approach for managing user sign-ins, but it's not without its hurdles. One common issue developers encounter is the "_getRecaptchaConfig is not a function" error during the email and password signIn process. This error can be particularly frustrating because it interrupts the user authentication flow, potentially affecting the user experience and trust in the application. Understanding the root cause of this problem is the first step towards resolving it and ensuring a smooth authentication process for your users.
The error typically indicates a mismatch or a problem within the Firebase Auth configuration, often related to the reCAPTCHA setup which is designed to protect your application from spam and abuse. Solving this issue requires a deep dive into the Firebase configuration and the authentication implementation in your Node.js project. Addressing the problem involves verifying the setup of Firebase Auth, ensuring the correct version of Firebase SDK is used, and possibly adjusting the reCAPTCHA settings. This introduction sets the stage for a detailed exploration of how to effectively tackle this challenge and restore the integrity of your authentication flow.

Command/Function	Description
firebase.initializeApp(config)	Initializes Firebase with a configuration object.
firebase.auth()	Returns the Firebase Auth service associated with the default Firebase application.
signInWithEmailAndPassword(email, password)	Signs in a user with an email and password.
onAuthStateChanged()	Adds an observer for changes to the user's sign-in state.

Troubleshooting Firebase Auth Integration

Integrating Firebase Authentication into your Node.js application brings a host of benefits, from quick setup to robust security features. However, developers often face challenges during the implementation phase, particularly with errors like "_getRecaptchaConfig is not a function." This issue usually arises when attempting to sign in using email and password authentication methods. It's indicative of an underlying problem with the Firebase SDK or the way it's been configured within your project. A common cause is the improper initialization of Firebase or a failure to correctly set up the reCAPTCHA verifier, which is a security measure to ensure that sign-in requests are coming from actual users and not bots.
To effectively resolve this error, it's crucial to first ensure that all Firebase SDK components are correctly integrated and updated to their latest versions. This includes verifying that the Firebase project configuration matches what's specified in your application's initialization code. Furthermore, understanding the role of reCAPTCHA in Firebase Authentication can provide insights into why this error occurs. Firebase uses reCAPTCHA to prevent abuse of the authentication system, and if it's not correctly configured or initialized, Firebase cannot proceed with the authentication request, leading to the "_getRecaptchaConfig is not a function" error. Carefully reviewing your Firebase project's authentication settings, especially those related to reCAPTCHA, and ensuring they align with Firebase's documentation and guidelines, can help overcome this hurdle and streamline the user authentication process.

Handling Firebase Authentication in Node.js

Node.js with Firebase SDK

const firebase = require('firebase/app'); require('firebase/auth'); const firebaseConfig = { apiKey: "YOUR_API_KEY", authDomain: "YOUR_AUTH_DOMAIN", projectId: "YOUR_PROJECT_ID", storageBucket: "YOUR_STORAGE_BUCKET", messagingSenderId: "YOUR_MESSAGING_SENDER_ID", appId: "YOUR_APP_ID" }; firebase.initializeApp(firebaseConfig); const auth = firebase.auth(); auth.signInWithEmailAndPassword('user@example.com', 'password') .then((userCredential) => { // Signed in var user = userCredential.user; // ... }) .catch((error) => { var errorCode = error.code; var errorMessage = error.message; // ... }); 

Exploring Firebase Auth and reCAPTCHA Integration

When deploying Firebase Authentication in Node.js applications, developers often encounter the "_getRecaptchaConfig is not a function" error, which can be a significant roadblock. This error is usually triggered during the sign-in process, specifically when using the email and password method. It indicates a potential issue in the Firebase SDK's integration or configuration, particularly around the reCAPTCHA verifier. reCAPTCHA is a critical component designed to differentiate between human users and automated access, ensuring that user authentication requests are legitimate and secure. Proper configuration and integration of reCAPTCHA within Firebase Auth are paramount to leveraging Firebase's full security capabilities and providing a seamless authentication experience for users.
To address and prevent this error, developers need to ensure that their Firebase project and the associated SDKs are correctly set up and up to date. This includes verifying the project's configuration on the Firebase console and ensuring that the reCAPTCHA settings are correctly implemented in the application. Understanding the underlying cause of the "_getRecaptchaConfig is not a function" error involves a thorough review of the Firebase Auth documentation and potentially reaching out to the Firebase support community for insights. By meticulously configuring reCAPTCHA and adhering to Firebase's best practices, developers can overcome this hurdle, enhancing the security and usability of their applications.

Frequently Asked Questions About Firebase Authentication

1. Question: What is Firebase Authentication?
2. Answer: Firebase Authentication provides backend services, easy-to-use SDKs, and ready-made UI libraries to authenticate users to your app. It supports authentication using passwords, phone numbers, popular federated identity providers like Google, Facebook, and Twitter, etc.
3. Question: How do I resolve the "_getRecaptchaConfig is not a function" error?
4. Answer: This error typically occurs due to misconfiguration in your Firebase project or SDK. Ensure your Firebase Auth and reCAPTCHA are correctly set up, and you're using the latest version of the Firebase SDK.
5. Question: Is reCAPTCHA necessary for Firebase Auth?
6. Answer: Yes, reCAPTCHA is a crucial security measure for distinguishing between real users and bots, especially when using email and password authentication or resetting passwords.
7. Question: How do I update my Firebase SDK to the latest version?
8. Answer: You can update your Firebase SDK by running the relevant package manager command (e.g., npm or yarn) to install the latest version of the Firebase package in your project.
9. Question: Can Firebase Authentication work with custom authentication systems?
10. Answer: Yes, Firebase Authentication can be integrated with custom authentication systems. You can use Firebase's Custom Auth System to authenticate users by other means while still utilizing Firebase's services and security features.

Wrapping Up Firebase Authentication Insights

Understanding and resolving the "_getRecaptchaConfig is not a function" error is crucial for developers implementing Firebase Authentication in their Node.js applications. This challenge highlights the importance of a meticulous approach to integrating Firebase and its security features, such as reCAPTCHA, to ensure a seamless authentication process. Through careful configuration, regular SDK updates, and adherence to Firebase's best practices, developers can effectively mitigate this issue, enhancing the robustness and reliability of their authentication systems. Ultimately, overcoming such hurdles not only secures the application against unauthorized access but also elevates the overall user experience, fostering trust and satisfaction among users. Embracing these practices empowers developers to leverage Firebase Auth's full potential, making it a cornerstone of secure and efficient user authentication in modern web applications.
https://www.tempmail.us.com/en/firebase/resolving-firebase-auth-signin-issue-getrecaptchaconfig-is-not-a-function

My family has been with Comcast for over two decades. Between us there's over a dozen email addresses that are in daily use. What happens if we move to an area that isn't serviced by Comcast? Is there a way to continue using our comcast.net email addresses? What about accessing 20+ years worth of email history. Is there some way to save the emails and access them after we lose Comcast?

This is regarding the popup on the landing page that prompts the user to enter their email to subscribe. Is it possible to provide buttons for google/facebook/apple so the user can click and subscribe rather than enter the full email address?
I see signin with google/facebook/apple single click buttons all the time but not subscribe to mailing list with these buttons.

hi all. i'm a new CCA in Texas who did everything correctly so far, up until academy starting on tuesday 5/7.
it was scheduled to start at 7 am, and due to a prescription i take, i didn't wake up until 8:20. i set 8 different alarms and maxed out volume, setting it directly next to my face, leaving off my mask so the sunlight would wake me (i cant sleep if its light at ALL) but... nothing worked. Devastated. this only happens like once or twice a year and it was the worst day possible! :(
i still went in immediately at 8:30 but they said i wasn't allowed in since they already turned in the signin sheet, hr already knows i didn't attend and i'll have to ask my supervisor to get me rescheduled. i went in person directly after and asked him, and i emailed the local HR district email they mentioned too just in case, but i'm so nauseous.
it's been two days since then, no word back, and i got an offer for a cca position in my hometown, which i desperately do not want for multiple reasons but if push comes to shove i have to or i'll get evicted. its so small i doubt id get enough hours to live here anyway so taking it would just ruin my life regardless. the postmaster invited me to a meet&greet tomorrow the 10th at 11:30.
i plan to go to my office and ask about the reschedule because i have to anyway (missing two days of training pay), and then going to the other one after just in case. i need this first job desperately... is there a high likelihood i'm out now? do they typically say nah fuck off or would they possibly say yeah sure heres the next academy start? should i accept the second offer?
sorry, i'm all stressed out. i really wanted this to be a fresh start to turn my loser life around but i fucked it up again. if anyone has any advice on keeping my job, or if theres something else i should do, please let me know. thank you

As you might have heard, the City of Wichita is experiencing a network outage, meaning many services have been interrupted. Here is a list of library services that will and won't work right now. We will update our social media channels as we have more updates. We apologize for the inconvenience this is causing and appreciate your flexibility and understanding during this time.
Here's what's working:

• Public internet on public computers at all locations
• Public WiFi at Alford, Angelou and Rockwell branches
• Public printers are working at all locations; we are waiving fees at this time
• Staff can checkout materials, but checking in materials, pulling holds, and transferring materials between locations might be paused. We are a fine free library, but will monitor customer accounts to make sure other fees are not assessed during this time. Staff is working in "offline mode," so some functionalities (like looking up account information) might be limited.

Here's what's not working:

• Public WiFi at the Advanced Learning Library, Evergreen, Walters, and Westlink branches
• Staff email through the City network (if you email us, we might not be able to respond during this outage)
• Library website
• Most databases (see below for a detailed list)
• Online catalog
• Self-service print release stations
• Self-check stations
• Automated materials handler at the Advanced Learning Library; place returns in the manual book drops

Unless otherwise noted, all library programs will continue as planned.
Databases with limited access normally:

• American Ancestors (Advanced Learning Library only)
• Ancestry Library Edition (Public internet computers only)
• Family Search (Advanced Learning Library only)
• Foundation Directory Online (Advanced Learning Library only)
• Grants to Individuals (Advanced Learning Library only)
• OCLC FirstSearch (Library public internet computers only)

Databases with more limited access:

• Reference Solutions (Library public internet computers only)
• Scholastic BookFlix (Library public internet computers only)

Databses working as normal:

• Auto Repair Source
• Black Freedom Struggle in the United States
• Bloom's Literature
• Britannica Public Library
• Business Source Premier
• Chilton Library
• Consumer Health Complete
• Consumer Reports
• Coronavirus Research Database
• EBSCOhost
• Explora
• Explora Elementary
• Explora Middle School
• Explora High School
• Explora Educator's Edition
• Ferguson's Career Guidance Center
• Fold3 Library Edition
• Genealogy Connect
• Health Reference Center
• HeritageQuest
• Hispanic Life in America
• History Reference Center
• Issues and Controversies
• Kansas History, Territorial through Civil War
• LearningExpress Library
• Literary Reference Center
• The Mailbox Plus
• Mango
• The New York Times
• The New York Times Games
• NewsBank
• Newspapers.com Library Edition
• NoveList Plus
• Nursing & Allied Health Premium
• Read It!
• Small Business Reference Center
• Today's Science
• US Newsstream
• Value Line
• Wichita Eagle (Image Edition)
• Wichita Eagle (Text Edition)
• Wichita Journalism Collaborative
• Wichita Public Library Digital Archives
• World Almanac for Kids
• World Almanac for Kids Elementary
• World News Digest

Hi guys
I'm working on setting up a notification system within AWS to alert whenever our designated "break glass" IAM user logs in, whether it's through the AWS Management Console or CLI. I have CloudTrail configured to monitor global management events and send logs to both an S3 bucket and CloudWatch log group.
However, I'm struggling to get the intended functionality from an Amazon EventBridge rule, which is supposed to trigger an SNS email notification upon user login, but it's not activating.
Here's the EventBridge rule pattern I used to try to detect any sign-in event for validation:

{ "source": ["aws.signin"], "detail-type": ["AwsConsoleSignIn"], "detail": { "eventSource": ["signin.amazonaws.com"] } } 

This rule should theoretically detect any console sign-in event, but it doesn't seem to be working... but why?
The AWS documentation recommends monitoring such events but lacks detailed guidance on setting up these notifications. Has anyone successfully implemented similar monitoring and can share insights or references?
Edit: Fixing hyperlink

I'm really going to try to keep this short. It's not going to work.
April 26th, I called Xfinity to downgrade from 800mb. Finally started to research and spoke with an old colleague, realizing I didn't need even close to this speed. Flat with two humanz, who stream and browse. No uploads/downloads or gaming (if this matters).
I hate calling Xfinity, I would rather get 8 root canals and a pap smear with equipment from the 1800s instead of trying to communicate with Concast/Xfinity. But, in calling to downgrade, no contract, phone PIF (don't get me started on getting it unlocked). Striaght forward, yes? Sigh.
4/26th I call at 6:21pm est. Ended at 1130pm(ish) to downgrade. I'd finally reached a tier two supervisor who seemed to actually care abt the customer.
I have both mobile/net through them (12+ yrs w/net, 5/7yrs mobile). I never received discount promised & was oversold on 800mb of speed. No uploads/downloads, no gaming (if that matters). By the time I reached said tier two, offered $150 credit (BTW, I do record calls to them, and say so as they record too), which for Xfinity is a unicorn, I know. I really don't mean to sound greedy, but ffs, on the low end of said discount, I was owed around around $540. I know it isn't the reps, supervisors, tier two, three, 18 who have thee powers.
Cut to the point. Last week, I was able to access my statements, had a quick glance, & would download, simplify three billz from 2021, '22, '23. I dunno why they can't see it. Yelp. This all changed after I called to remove my $15 phone warranty. It brought my unlimited down to $30.
Two days ago, I was set. I'm going to grab the statements and send them off. Of course, he'd have to send them to a different part of the company that handles these issues. The $150 would still be good if they'd deny it, which, well....
Only I can't. I try to sign into my account. I get this notification due to a processing error on their end, my bill has been updated to show the correction. It's options *review later or review and approve changes. I try both. It cycles back, either option. Regardless of what I choose, if *I don't approve it it loops right back to due to a processing error.
I can't access my statements. I can't access my account. (They say, "Don't let anyone ever take your peace" (whomever they* are) haven't ever dealt with comcast). I don't want to call them, chat them, however, no options. Reps can't send my statement or email error, they say. BUT I do get an email that they gave me a $10 credit. I ask to have processing error explained. Ignored. At this point, I'm chatting & waiting on the line. Started at 935am, gave up around 1pm.
Miraculously, my mobile statements appeared, emailed 5m after i gave up. From 2021 to now. So, circling back, the original tier two supervisor doesn't have access to my account history? I've emailed him said statements and not a peep. Can't Sat I'm surprised but definitely disappointed.
To recap/or TL;DR (semi-colon or not) 1. Tier two supervisor say no access to mobile statements going back to 2021. 2. I can't access my account due to processing error on their end, and must review and approve, & 2 options are given, both on app & laptop, trying multiple browsers. Review later or review and approve changes Either one, if I don't click approve I'm looped right back to the processing error notification. This, coincidentally, appearing a week after canceling my $15 warranty charge for my phone.
The final detail I'll mention, is they do (I don't even have the words to explain it) show previous plan $30.65 new updated charges $86. My internet bill has never ever been 30 bucks. Where this number came from.... maybe it was a bill where I was credited a certain amount bc I've been paying anywhere between $60 - 90 & that's not including my cell.
I haven't been able to search into other internet providers because this time around, I'm either doing small claims or arbitration. In my state I can do small claims up to 10k. I've never sued anyone never mind a company with way deeper pockets than I'll ever have. I'll be lucky if I can afford the small claims fee + serving the demand letter. I have gave them the 120 day notice.
I've screencapped my calls (you can see how many times i was disconnected during transfers, video recorded the looping, both on the app, laptop via chrome/brave/firefox, etc.
They are now offering new customers the essentials package, at $29.95, a free phone & free year of unlimited service.
Us, those who've been with them for over a decade, if not longer? Zip. I'm sure anything I've recorded even with their acknowledgement/consent won't be admissible in court.
Or I'll be disappeared 😆

forrealXfinity #comsuckscast

Hey,
I want to use magic links for signin/signup flows in my application. I have 2 types of users (roles): business and user. I want to assign the role to the user on signup. Decision whether the user is business or user is based on clicked login button: Signup as usebusiness.
The question is how can I achieve that? Oauth providers have the profile callback, but not EmailProviders. Most preferably I'd like to pass the role while calling the signIn("provider", {email, role}) function. But I can't find any help in documentation
My versions:
Next.js: 14
auth.hs: v5

I'm running an exchange 2019 server latest cu in hybrid mode. I have about 10 users in EXO and 250 users in Exch2019. My users span across 5 different domains but primarily *@example.org When a user tries to sign into their mailbox on their mobile phone they satisfy the MFA requirements and are prompted with either "failed to login" or "something went wrong" with the occasional "this mailbox not found in exchange online" sprinkled in instead of their mailbox downloading. Users who added their exchange mailbox end of 23 or Jan/Febish this year can continue to add their mailbox to their same mobile device without an issue. From what I can tell this is an issue on the microsoft cloud side of things.
I opened a case with Microsoft Cloud Team and was advised this is an on-prem issue and to raise a ticket with ProSupport. Unfortunately at this time we don't have active support on our exchange on-prem license so I'm stuck figuring this out on my own.
I have figured out a way to get the user signed into outlook mobile but it's strange...
Example of working signin.
Name: Demo User
UPN: [demo@example.org](mailto:demo@example.org)
Email in exchange: [DUser@example.org](mailto:DUser@example.org)
Additional SMTP: [demo@example.mail.onmicrosoft.com](mailto:demo@example.mail.onmicrosoft.com)
If I add a mailbox to my android phone using
[demo@example.org](mailto:demo@example.org) i receive a "failed to login"
[DUser@example.org](mailto:DUser@example.org) i receive a "failed to login"
The only way I have found I can log this user is with their "entra upn" example demo"@.onmicrosoft.com. So for example i'd open outlook mobile and add [demo@example.onmicrosoft.com](mailto:demo@example.onmicrosoft.com), screen refreshes and brings up microsoft sign on page, showing [demo@example.org](mailto:demo@example.org), complete login process, mailbox added and starts downloading.
WHY DOES IT WORK WITH THE ENTRA ID?! I have spent months banging my head against a wall trying to figure out why these users can't sign in on their phone using modern authentication. They've been forced to use basic auth until I could resolve this issue.
My ultimate question is why can't the user's sign on using their primary domain? Entra shows their primary domain is [demo@example.org](mailto:demo@example.org). All of their other microsoft logins work fine with their normal primary domain login.
Thanks for the help!

I'm running an exchange 2019 server latest cu in hybrid mode. I have about 10 users in EXO and 250 users in Exch2019. My users span across 5 different domains but primarily *@example.org When a user tries to sign into their mailbox on their mobile phone they satisfy the MFA requirements and are prompted with either "failed to login" or "something went wrong" with the occasional "this mailbox not found in exchange online" sprinkled in instead of their mailbox downloading. Users who added their exchange mailbox end of 23 or Jan/Febish this year can continue to add their mailbox to their same mobile device without an issue. From what I can tell this is an issue on the microsoft cloud side of things.
I opened a case with Microsoft Cloud Team and was advised this is an on-prem issue and to raise a ticket with ProSupport. Unfortunately at this time we don't have active support on our exchange on-prem license so I'm stuck figuring this out on my own.
I have figured out a way to get the user signed into outlook mobile but it's strange...
Example of working signin.
Name: Demo User
UPN: [demo@example.org](mailto:demo@example.org)
Email in exchange: [DUser@example.org](mailto:DUser@example.org)
Additional SMTP: [demo@example.mail.onmicrosoft.com](mailto:demo@example.mail.onmicrosoft.com)
If I add a mailbox to my android phone using
[demo@example.org](mailto:demo@example.org) i receive a "failed to login"
[DUser@example.org](mailto:DUser@example.org) i receive a "failed to login"
The only way I have found I can log this user is with their "entra upn" example demo"@.onmicrosoft.com. So for example i'd open outlook mobile and add [demo@example.onmicrosoft.com](mailto:demo@example.onmicrosoft.com), screen refreshes and brings up microsoft sign on page, showing [demo@example.org](mailto:demo@example.org), complete login process, mailbox added and starts downloading.
WHY DOES IT WORK WITH THE ENTRA ID?! I have spent months banging my head against a wall trying to figure out why these users can't sign in on their phone using modern authentication. They've been forced to use basic auth until I could resolve this issue.
My ultimate question is why can't the user's sign on using their primary domain? Entra shows their primary domain is [demo@example.org](mailto:demo@example.org). All of their other microsoft logins work fine with their normal primary domain login.
Thanks for the help!

I'm running an exchange 2019 server latest cu in hybrid mode. I have about 10 users in EXO and 250 users in Exch2019. My users span across 5 different domains but primarily *@example.org When a user tries to sign into their mailbox on their mobile phone they satisfy the MFA requirements and are prompted with either "failed to login" or "something went wrong" with the occasional "this mailbox not found in exchange online" sprinkled in instead of their mailbox downloading. Users who added their exchange mailbox end of 23 or Jan/Febish this year can continue to add their mailbox to their same mobile device without an issue. From what I can tell this is an issue on the microsoft cloud side of things.
I opened a case with Microsoft Cloud Team and was advised this is an on-prem issue and to raise a ticket with ProSupport. Unfortunately at this time we don't have active support on our exchange on-prem license so I'm stuck figuring this out on my own.
I have figured out a way to get the user signed into outlook mobile but it's strange...
Example of working signin.
Name: Demo User
UPN: [demo@example.org](mailto:demo@example.org)
Email in exchange: [DUser@example.org](mailto:DUser@example.org)
Additional SMTP: [demo@example.mail.onmicrosoft.com](mailto:demo@example.mail.onmicrosoft.com)
If I add a mailbox to my android phone using
[demo@example.org](mailto:demo@example.org) i receive a "failed to login"
[DUser@example.org](mailto:DUser@example.org) i receive a "failed to login"
The only way I have found I can log this user is with their "entra upn" example demo"@.onmicrosoft.com. So for example i'd open outlook mobile and add [demo@example.onmicrosoft.com](mailto:demo@example.onmicrosoft.com), screen refreshes and brings up microsoft sign on page, showing [demo@example.org](mailto:demo@example.org), complete login process, mailbox added and starts downloading.
WHY DOES IT WORK WITH THE ENTRA ID?! I have spent months banging my head against a wall trying to figure out why these users can't sign in on their phone using modern authentication. They've been forced to use basic auth until I could resolve this issue.
My ultimate question is why can't the user's sign on using their primary domain? Entra shows their primary domain is demo@example.org. All of their other microsoft logins work fine with their normal primary domain login.
Thanks for the help!

As a mod on the corvette forum, I get probably 30+ reports (emails) a day from forum members about "he said; she said, or tech, whatever. Well I have my home email linked to the corvette forum (CF) as the target of the emails that come from the forum. On April 15th, my mail from CF stopped. Dead, Nada, Zilch. Our CF techs tell me that they are getting an email error message that states something on the order that "I am not a customer" of comcast. This is somewhat of a surprise as I have TV, Internet, & phone with comcast. I am receiving (as far as I can tell) email to my comcast email from the world (Bank, Amazon, spam, ads, physicians), basically anyone that wants to send to my personal email address with comcast is received. I changed my email to my wife's comcast email ID and I receive email from the CF. I used an old AT&T email ID to test and I get forum emails on that ID.
The only site that I can't get mail from is the CF when I use my [personalID@comcast.net](mailto:personalID@comcast.net) email as my destination email address. I've been a moderator on CF for many years and have had no issues with my email ID.
Comcast has me on some higher tier for their trouble shooting attempts.
I have:
Intel 10 core I9 10900K 4900Mhz 64 GB DDR4 RAM Windows 11 NVIDIA GTX Super 6GB 1 TB SATA HD 1TB PCI-E 3.0 HD Using MS Office 365 with Outlook 365 to pull my mail.
Changing from comcast is not an option. With AT&T I got 18MB down and 2MB up while I'm running 500MB down and 35MB up with comcast. No way in hell I'm going that route with AT&T. We have a new fiber system going into the neighborhood but I'd have to reorganize pretty much every service I have to stream or whatever, nope not going there.
Sigh... I wonder if anyone else with comcast has fallen into the same black hole that my ID hit. Anyone got a way to see if there are other people affected the same as I am?
80 years old and way too old to have to put up with this issue. Remember, really technical answers might be a serious challenge for me to understand. I was told about this site and that it offered very good information on what I need to do or if comcast is the problem, a good contact to get problems fixed.
I'm guessing on the response of "flair".

my sign in export const signIn = catchAsync( async (req: customRequestOptions, res: Response, next: NextFunction) => { const { email, password } = req.body; if (!email !password) { return next(AppError("please provide a valid email and password", 404)); } const user = await User.findOne({ email: email }).select("+password"); if (!user) { return next(AppError("please enter a valid email and password", 401)); } if (!user !(await user.correctPassword(password, user.password))) { return next(AppError("please provide correct Email or password ", 401)); } const accessToken = jwt.sign({ user }, process.env.JWT_SECRET as string, { expiresIn: "10s", }); const refreshToken = jwt.sign( { user }, process.env.REFRESH_JWT_SECRET as string, { expiresIn: "1d" }, ); res.cookie("jwt", refreshToken, { httpOnly: true, secure: true, //https sameSite: "none", //cross site cookies maxAge: 7 * 24 * 60 * 60 * 1000, }); res.json({ accessToken }); }, ); export const refresh = (req: customRequestOptions, res: Response) => { const cookies = req.cookies; if (!cookies.jwt) return res.status(401).json({ message: "Unauthorized " }); const refreshToken = cookies.jwt; jwt.verify( refreshToken, process.env.REFRESH_JWT_SECRET as string, {}, async (err: any, decode: any) => { if (err) return res.status(403).json({ message: "Forbidden" }); const foundUser = await User.findOne({ email: decode.email }); if (!foundUser) return res.status(401).json({ message: "Unauthorized " }); const accessToken = jwt.sign( foundUser, process.env.JWT_SECRET as string, { expiresIn: "10s" }, ); res.json({ accessToken }); }, ); }; my index export interface customRequestOptions extends Request { user?: any; } export type ExpressBasic = { req: Request; res: Response; next: NextFunction; }; dotenv.config(); export const app = express(); // const corsOptions = { // methods: ["GET", "POST"], // Allow GET and POST requests // allowedHeaders: [ // "set-cookie", // "Content-Type", // "Access-Control-Allow-Origin", // "Access-Control-Allow-Credentials", // ], // exposedHeaders: ["Content-Length"], // Expose this custom header // credentials: true, // Allow credentials (cookies, HTTP authentication) // preflightContinue: false, // Do not continue if preflight request fails // }; app.use( cors({ origin: "http://localhost:5173", credentials: true, }), ); app.use(function (req, res, next) { res.header("Access-Control-Allow-Credentials", "true"); next(); }); app.options("*", cors()); app.use(morgan("dev")); app.use(cookieParser()); app.use(express.json()); app.use(express.urlencoded({ extended: true, limit: "10kb" })); //It parses incoming requests with URL-encoded payloads and is based on a body parser.this is for form app.use("/api/v1/posts", postRouter); app.use("/api/v1/users", userRouter); app.use(globalErrorHandler); 

func sigInWithGoogle(completion: u/escaping (Bool, Error?) -> Void) { guard let rootViewController = UIApplication.shared.keyWindow?.rootViewController else { return } guard let clientID = FirebaseApp.app()?.options.clientID else { return } let config = GIDConfiguration(clientID: clientID) GIDSignIn.sharedInstance.configuration = config GIDSignIn.sharedInstance.signIn(withPresenting: rootViewController) { signInResult, error in if let error = error { completion(false, error) print("Error loggin with Google: \(error.localizedDescription)") return } guard let authentication = signInResult?.user, let idToken = authentication.idToken else { return } let idTokenString = idToken.tokenString let credential = GoogleAuthProvider.credential(withIDToken: idTokenString, accessToken: signInResult?.user.idToken?.tokenString ?? "") Auth.auth().signIn(with: credential) { authResult, error in if let error = error { completion(false, error) return } guard let user = authResult?.user else { return } AnalyticsManager.shared.logEvent(.loginWithGoogle) guard let name = user.displayName else { return } DispatchQueue.main.async { self.defaults.set(name, forKey: Constants.UserDefaultsValues.userFirstName) } completion(true, nil) } } } 

I have an iOS app that has Google Cloud SignIn using Firebase, but when opening the web to sign in, I get the following errors:

We cannot verify the authenticity of this app. Please contact the developer. Token failed.
If you are a Production App developer, see the error details.
Error 400: invalid_request
Request details: response_type=code code_challenge_method=S256 nonce=bRNSXpeJTQfPJn435Pn9C0niL5NIRzkxtb1BAIsXqu0 device_os=iOS 17.4.1 client_id=541903925667-nnvn5cctvima77nh4elc81schetiv4ok.apps.googleuser content.com emm_support=1 gpsdk=gid-7.1.0 gidenv=ios state=-KR22DP2ZWwf9bXZRWm96HGQjVt2-8KxEZ1GHYxAu3g redirect_uri=com.googleusercontent.apps.541903925667-nnvn5cctvima77nh4elc81schetiv4ok:/oauth2callback code_challenge=4ryryshF3lScPX6fJ-MSWR0AmgMsUM_OlhhFoo9P3MU include_granted_scopes=true access_type=offline scope=https://www.googleapis. com/auth/userinfo.email https://www.googleapis. com/auth/userinfo.profile openid

Result on Google SignIn iOS
I checked the credentials of the GoogleService-Info.plist file that I downloaded from Firebase and both the CLIENT_ID and the REVERSED_CLIENT_ID are the same as those in my Google Cloud configuration, also, the REVERSED_CLIENT_ID is the same as the URL Type that I have in Xcode
Xcode Google Services Info
URL Types on Xcode
In my Google Cloud Platform dashboard I have this config:
Google Cloud Platform on Credentials Section
Inside my iOS Client for ******* (auth created by Google Service) I have this config witch are equal to my GoogleService-info file
iOS Client config
Any idea how I can solve this error ? I remove and added again my iOS app on Firebase but the problem still continues
My code to sign in with Google are:

func sigInWithGoogle(completion: u/escaping (Bool, Error?) -> Void) { guard let rootViewController = UIApplication.shared.keyWindow?.rootViewController else { return } guard let clientID = FirebaseApp.app()?.options.clientID else { return } let config = GIDConfiguration(clientID: clientID) GIDSignIn.sharedInstance.configuration = config GIDSignIn.sharedInstance.signIn(withPresenting: rootViewController) { signInResult, error in if let error = error { completion(false, error) print("Error loggin with Google: \(error.localizedDescription)") return } guard let authentication = signInResult?.user, let idToken = authentication.idToken else { return } let idTokenString = idToken.tokenString let credential = GoogleAuthProvider.credential(withIDToken: idTokenString, accessToken: signInResult?.user.idToken?.tokenString ?? "") Auth.auth().signIn(with: credential) { authResult, error in if let error = error { completion(false, error) return } guard let user = authResult?.user else { return } AnalyticsManager.shared.logEvent(.loginWithGoogle) guard let name = user.displayName else { return } DispatchQueue.main.async { self.defaults.set(name, forKey: Constants.UserDefaultsValues.userFirstName) } completion(true, nil) } } }